diff --git a/vulnerabilities/importers/__init__.py b/vulnerabilities/importers/__init__.py
index 3f429f669..813179cb1 100644
--- a/vulnerabilities/importers/__init__.py
+++ b/vulnerabilities/importers/__init__.py
@@ -37,6 +37,7 @@
 from vulnerabilities.pipelines import alpine_linux_importer
 from vulnerabilities.pipelines import github_importer
 from vulnerabilities.pipelines import gitlab_importer
+from vulnerabilities.pipelines import misp_importer
 from vulnerabilities.pipelines import nginx_importer
 from vulnerabilities.pipelines import npm_importer
 from vulnerabilities.pipelines import nvd_importer
@@ -78,6 +79,7 @@
     nvd_importer.NVDImporterPipeline,
     pysec_importer.PyPIImporterPipeline,
     alpine_linux_importer.AlpineLinuxImporterPipeline,
+    misp_importer.MISPImporterPipeline,
 ]
 
 IMPORTERS_REGISTRY = {
diff --git a/vulnerabilities/pipelines/misp_importer.py b/vulnerabilities/pipelines/misp_importer.py
new file mode 100644
index 000000000..1c0e14418
--- /dev/null
+++ b/vulnerabilities/pipelines/misp_importer.py
@@ -0,0 +1,196 @@
+#
+# Copyright (c) nexB Inc. and others. All rights reserved.
+# VulnerableCode is a trademark of nexB Inc.
+# SPDX-License-Identifier: Apache-2.0
+# See http://www.apache.org/licenses/LICENSE-2.0 for the license text.
+# See https://github.com/aboutcode-org/vulnerablecode for support or download.
+# See https://aboutcode.org for more information about nexB OSS projects.
+#
+import json
+import logging
+import re
+from datetime import timezone
+from typing import Iterable
+
+import requests
+from bs4 import BeautifulSoup
+from dateutil import parser as dateparser
+from packageurl import PackageURL
+from univers.version_range import GenericVersionRange
+from univers.version_range import VersionRange
+
+from vulnerabilities.importer import AdvisoryData
+from vulnerabilities.importer import AffectedPackage
+from vulnerabilities.importer import Reference
+from vulnerabilities.importer import VulnerabilitySeverity
+from vulnerabilities.pipelines import VulnerableCodeBaseImporterPipeline
+from vulnerabilities.severity_systems import CVSSV3
+from vulnerabilities.severity_systems import CVSSV31
+from vulnerabilities.utils import fetch_response
+from vulnerabilities.utils import get_item
+
+logging.basicConfig(level=logging.INFO)
+logger = logging.getLogger(__name__)
+
+
+class MISPImporterPipeline(VulnerableCodeBaseImporterPipeline):
+    """Collect Advisories from MISP"""
+
+    pipeline_id = "misp_importer"
+    spdx_license_expression = "CC BY-SA 3.0"
+    license_url = "https://www.misp-project.org/license/"
+    root_url = "https://www.misp-project.org/security/"
+    importer_name = "MISP Importer"
+
+    def __init__(self):
+        super().__init__()
+
+    @classmethod
+    def steps(cls):
+        return (
+            cls.collect_and_store_advisories,
+            cls.import_new_advisories,
+        )
+
+    # num of advisories
+    def advisories_count(self) -> int:
+        return len(fetch_advisory_links(self.root_url))
+
+    # parse the response data
+    def collect_advisories(self) -> Iterable[AdvisoryData]:
+        advisory_links = fetch_advisory_links(self.root_url)
+
+        for link in advisory_links:
+            advisory_data = fetch_advisory_data(link)
+            yield to_advisory_data(advisory_data)
+
+
+def fetch_advisory_links(url):
+    """Fetches the advisory links listed on the URL,returns a list"""
+    r = fetch_response(url).content
+    soup = BeautifulSoup(r, "html.parser")
+
+    h2 = soup.find(id="advisories")
+    # Find the <ul> element
+    ul_element = h2.find_next_sibling()
+    # Extract all <li> elements
+    li_elements = ul_element.find_all("li")
+
+    advisory_links = []
+    # Extract and print the text content of each <li>
+    for li in li_elements:
+        link_text = li.find("a").text.lower()
+
+        # Extract the rest of the text
+        description = li.text.replace(link_text, "").strip()
+        advisory_links.append(f"https://cve.circl.lu/vuln/fkie_{link_text}")
+
+    return advisory_links
+
+
+def fetch_advisory_data(url):
+    """Fetches advisory data,returns a dict"""
+    r = fetch_response(url).content
+    soup = BeautifulSoup(r, "html.parser")
+
+    # Find the <pre> element containing the JSON data
+    pre_element = soup.find("pre", {"class": "json-container"})
+
+    # Extract the text content
+    json_text = pre_element.text
+
+    # Parse the cleaned text as JSON
+    json_data = json.loads(json_text)
+
+    # data
+    description = json_data["descriptions"][0]["value"]
+    cve_id = json_data["id"]
+    date_published = json_data["published"]
+    references = json_data["references"][0]["url"]
+
+    # metrics
+    metrics = json_data["metrics"]
+    metrics_keys = list(metrics.keys())
+    if "cvssMetricV31" in metrics_keys:
+        cve_score = {
+            "version": "cvssMetricV31",
+            "score": metrics["cvssMetricV31"][0]["cvssData"]["baseScore"],
+        }
+    else:
+        cve_score = {
+            "version": "cvssMetricV30",
+            "score": metrics["cvssMetricV30"][0]["cvssData"]["baseScore"],
+        }
+
+    # affected version
+    match = re.search(r"\b\d+\.\d+\.\d+\b", description)
+    affected_version = match.group(0)
+
+    return {
+        "description": description,
+        "alias": cve_id,
+        "date_published": date_published,
+        "references": references,
+        "cve_score": cve_score,
+        "affected_version": affected_version,
+        "url": url,
+    }
+
+
+def to_advisory_data(raw_data) -> AdvisoryData:
+    """Parses extracted data to Advisory Data"""
+    # alias
+    alias = get_item(raw_data, "alias")
+
+    # affected packages
+    affected_packages = []
+    affected_version = get_item(raw_data, "affected_version")  # list of list of affected versions
+    affected_packages.append(
+        AffectedPackage(
+            package=PackageURL(type="misp", name="MISP"),
+            affected_version_range=VersionRange.from_string(f"vers:generic/={affected_version}"),
+        )
+    )
+
+    # score
+    if raw_data["cve_score"]["version"] == "cvssMetricV31":
+        severity = VulnerabilitySeverity(
+            system=CVSSV31,
+            value=raw_data["cve_score"]["score"],
+            scoring_elements="CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+        )
+    else:
+        severity = VulnerabilitySeverity(
+            system=CVSSV3,
+            value=raw_data["cve_score"]["score"],
+            scoring_elements="CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+        )
+
+    # Reference
+    references = []
+    references.append(
+        Reference(
+            severities=[severity],
+            reference_id=alias,
+            url=get_item(raw_data, "references"),
+        )
+    )
+
+    # description
+    description = get_item(raw_data, "description")
+
+    # date published
+    date_published = get_item(raw_data, "date_published")
+    date_published = dateparser.parse(date_published, yearfirst=True).replace(tzinfo=timezone.utc)
+
+    # url
+    url = get_item(raw_data, "url")
+
+    return AdvisoryData(
+        aliases=alias,
+        summary=description,
+        affected_packages=affected_packages,
+        references=references,
+        url=url,
+        date_published=date_published,
+    )
diff --git a/vulnerabilities/tests/pipelines/test_misp_importer_pipeline.py b/vulnerabilities/tests/pipelines/test_misp_importer_pipeline.py
new file mode 100644
index 000000000..d2f4ae43b
--- /dev/null
+++ b/vulnerabilities/tests/pipelines/test_misp_importer_pipeline.py
@@ -0,0 +1,174 @@
+#
+# Copyright (c) nexB Inc. and others. All rights reserved.
+# VulnerableCode is a trademark of nexB Inc.
+# SPDX-License-Identifier: Apache-2.0
+# See http://www.apache.org/licenses/LICENSE-2.0 for the license text.
+# See https://github.com/aboutcode-org/vulnerablecode for support or download.
+# See https://aboutcode.org for more information about nexB OSS projects.
+#
+
+import datetime
+import json
+from pathlib import Path
+from unittest import mock
+from unittest.mock import patch
+
+from packageurl import PackageURL
+from univers.version_constraint import VersionConstraint
+from univers.version_range import GenericVersionRange
+from univers.versions import SemverVersion
+
+from vulnerabilities.importer import AdvisoryData
+from vulnerabilities.importer import AffectedPackage
+from vulnerabilities.importer import Reference
+from vulnerabilities.importer import VulnerabilitySeverity
+from vulnerabilities.pipelines import misp_importer
+from vulnerabilities.severity_systems import Cvssv3ScoringSystem
+
+EXPECTED_DATA = Path(__file__).parent.parent / "test_data" / "misp" / "misp_expected.json"
+HTML_DATA = Path(__file__).parent.parent / "test_data" / "misp" / "misp_test.html"
+ADVISORY_HTML_DATA = Path(__file__).parent.parent / "test_data" / "misp" / "misp_advisory_test.html"
+
+
+def load_expected_data(file):
+    with open(file) as f:
+        return json.load(f)
+
+
+@mock.patch("requests.get")
+def test_fetch_advisory_links(mock_get):
+    """Test fetching advisory links from MISP security advisories page."""
+
+    # Read mock HTML content
+    with open(HTML_DATA, "r", encoding="utf-8") as file:
+        mock_html_content = file.read()
+
+    # Mock HTTP response
+    mock_response = mock.Mock()
+    mock_response.status_code = 200
+    mock_response.content = mock_html_content.encode()
+
+    mock_get.return_value = mock_response
+
+    # Call function under test
+    links = misp_importer.fetch_advisory_links("https://www.misp-project.org/security/")
+
+    # Ensure the links are extracted correctly
+    assert isinstance(links, list)
+    assert len(links) > 0
+    assert "https://cve.circl.lu/vuln/fkie_cve-2015-5719" in links
+
+
+@mock.patch("requests.get")
+def test_fetch_advisory_data(mock_get):
+    """Test fetching and parsing advisory data from the CVE page."""
+
+    # Load expected advisory data from JSON file
+    expected_data = load_expected_data(EXPECTED_DATA)
+
+    # Read mock HTML content
+    with open(ADVISORY_HTML_DATA, "r", encoding="utf-8") as file:
+        mock_html_content = file.read()
+
+    # Create a proper mock response object
+    mock_response = mock.Mock()
+    mock_response.status_code = 200
+    mock_response.text = mock_html_content
+    mock_response.content = mock_html_content.encode("utf-8")
+
+    mock_get.return_value = mock_response
+
+    # Call function under test
+    advisory_data = misp_importer.fetch_advisory_data(
+        "https://cve.circl.lu/vuln/fkie_cve-2015-5719"
+    )
+
+    # Validate extracted advisory data
+    assert advisory_data["alias"] == expected_data["aliases"]
+    assert advisory_data["description"] == expected_data["summary"]
+    assert advisory_data["date_published"] == expected_data["date_published"]
+
+
+@mock.patch("requests.get")
+def test_misp_importer_pipeline_collect_advisories(mock_get):
+    """Test the `collect_advisories` method in `MISPImporterPipeline`."""
+
+    with open(ADVISORY_HTML_DATA, "r", encoding="utf-8") as file:
+        mock_html_content = file.read()
+
+    # Mock HTTP Response
+    mock_response = mock.Mock()
+    mock_response.status_code = 200
+    mock_response.text = mock_html_content
+    mock_response.content = mock_html_content.encode("utf-8")
+    mock_get.return_value = mock_response
+
+    # Initialize the pipeline
+    pipeline = misp_importer.MISPImporterPipeline()
+
+    with mock.patch(
+        "vulnerabilities.pipelines.misp_importer.fetch_advisory_links"
+    ) as mock_links, mock.patch(
+        "vulnerabilities.pipelines.misp_importer.fetch_advisory_data"
+    ) as mock_data:
+        mock_links.return_value = ["https://cve.circl.lu/vuln/fkie_cve-2015-5719"]
+        mock_data.return_value = {
+            "description": "app/Controller/TemplatesController.php in Malware Information Sharing Platform (MISP) before 2.3.92 does not properly restrict filenames under the tmp/files/ directory, which has unspecified impact and attack vectors.",
+            "alias": "CVE-2015-5719",
+            "date_published": "2016-09-03T20:59:00.153",
+            "references": "http://www.securityfocus.com/bid/92740",
+            "cve_score": {"version": "cvssMetricV30", "score": 9.8},
+            "affected_version": "2.3.92",
+        }
+        generator = pipeline.collect_advisories()
+        advisories = list(generator)
+
+    assert len(advisories) == 1
+    advisory = advisories[0]
+
+    assert advisory.aliases == advisory_data.aliases
+    assert advisory.date_published == advisory_data.date_published
+    assert advisory.summary == advisory_data.summary
+    assert advisory.affected_packages == advisory.affected_packages
+
+
+advisory_data = AdvisoryData(
+    aliases="CVE-2015-5719",
+    summary="app/Controller/TemplatesController.php in Malware Information Sharing Platform (MISP) before 2.3.92 does not properly restrict filenames under the tmp/files/ directory, which has unspecified impact and attack vectors.",
+    affected_packages=[
+        AffectedPackage(
+            package=PackageURL(
+                type="misp", namespace=None, name="MISP", version=None, qualifiers={}, subpath=None
+            ),
+            affected_version_range=GenericVersionRange(
+                constraints=(
+                    VersionConstraint(comparator="=", version=SemverVersion(string="2.3.92")),
+                )
+            ),
+            fixed_version=None,
+        )
+    ],
+    references=[
+        Reference(
+            reference_id="CVE-2015-5719",
+            reference_type="",
+            url="http://www.securityfocus.com/bid/92740",
+            severities=[
+                VulnerabilitySeverity(
+                    system=Cvssv3ScoringSystem(
+                        identifier="cvssv3",
+                        name="CVSSv3 Base Score",
+                        url="https://www.first.org/cvss/v3-0/",
+                        notes="CVSSv3 base score and vector",
+                    ),
+                    value=9.8,
+                    scoring_elements="CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+                    published_at=None,
+                )
+            ],
+        )
+    ],
+    date_published=datetime.datetime(2016, 9, 3, 20, 59, 0, 153000, tzinfo=datetime.timezone.utc),
+    weaknesses=[],
+    url="https://cve.circl.lu/vuln/fkie_cve-2015-5719",
+)
diff --git a/vulnerabilities/tests/test_data/misp/misp_advisory_test.html b/vulnerabilities/tests/test_data/misp/misp_advisory_test.html
new file mode 100644
index 000000000..246f37ee5
--- /dev/null
+++ b/vulnerabilities/tests/test_data/misp/misp_advisory_test.html
@@ -0,0 +1,140 @@
+<html>
+<pre class="json-container" id="containerfkie_cve-2015-5719">{
+    "configurations": [
+      {
+        "nodes": [
+          {
+            "cpeMatch": [
+              {
+                "criteria": "cpe:2.3:a:misp-project:malware_information_sharing_platform:*:*:*:*:*:*:*:*",
+                "matchCriteriaId": "FC0C651C-5962-47D4-AA2E-220BB4B1A1B2",
+                "versionEndIncluding": "2.3.91",
+                "vulnerable": true
+              }
+            ],
+            "negate": false,
+            "operator": "OR"
+          }
+        ]
+      }
+    ],
+    "cveTags": [],
+    "descriptions": [
+      {
+        "lang": "en",
+        "value": "app/Controller/TemplatesController.php in Malware Information Sharing Platform (MISP) before 2.3.92 does not properly restrict filenames under the tmp/files/ directory, which has unspecified impact and attack vectors."
+      },
+      {
+        "lang": "es",
+        "value": "app/Controller/TemplatesController.php en Malware Information Sharing Platform (MISP) en versiones anteriores a 2.3.92 no restringe adecuadamente nombres de archivo bajo el directorio tmp/files/, lo que tiene un impacto y vectores de ataque no especificados."
+      }
+    ],
+    "id": "CVE-2015-5719",
+    "lastModified": "2024-11-21T02:33:42.317",
+    "metrics": {
+      "cvssMetricV2": [
+        {
+          "acInsufInfo": true,
+          "baseSeverity": "HIGH",
+          "cvssData": {
+            "accessComplexity": "LOW",
+            "accessVector": "NETWORK",
+            "authentication": "NONE",
+            "availabilityImpact": "COMPLETE",
+            "baseScore": 10.0,
+            "confidentialityImpact": "COMPLETE",
+            "integrityImpact": "COMPLETE",
+            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
+            "version": "2.0"
+          },
+          "exploitabilityScore": 10.0,
+          "impactScore": 10.0,
+          "obtainAllPrivilege": false,
+          "obtainOtherPrivilege": false,
+          "obtainUserPrivilege": false,
+          "source": "nvd@nist.gov",
+          "type": "Primary",
+          "userInteractionRequired": false
+        }
+      ],
+      "cvssMetricV30": [
+        {
+          "cvssData": {
+            "attackComplexity": "LOW",
+            "attackVector": "NETWORK",
+            "availabilityImpact": "HIGH",
+            "baseScore": 9.8,
+            "baseSeverity": "CRITICAL",
+            "confidentialityImpact": "HIGH",
+            "integrityImpact": "HIGH",
+            "privilegesRequired": "NONE",
+            "scope": "UNCHANGED",
+            "userInteraction": "NONE",
+            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+            "version": "3.0"
+          },
+          "exploitabilityScore": 3.9,
+          "impactScore": 5.9,
+          "source": "nvd@nist.gov",
+          "type": "Primary"
+        }
+      ]
+    },
+    "published": "2016-09-03T20:59:00.153",
+    "references": [
+      {
+        "source": "cve@mitre.org",
+        "url": "http://www.securityfocus.com/bid/92740"
+      },
+      {
+        "source": "cve@mitre.org",
+        "tags": [
+          "Issue Tracking",
+          "Patch"
+        ],
+        "url": "https://github.com/MISP/MISP/commit/27cc167c3355ec76292235d7f5f4e0016bfd7699"
+      },
+      {
+        "source": "cve@mitre.org",
+        "tags": [
+          "Third Party Advisory"
+        ],
+        "url": "https://www.circl.lu/advisory/CVE-2015-5719/"
+      },
+      {
+        "source": "af854a3a-2127-422b-91ae-364da2661108",
+        "url": "http://www.securityfocus.com/bid/92740"
+      },
+      {
+        "source": "af854a3a-2127-422b-91ae-364da2661108",
+        "tags": [
+          "Issue Tracking",
+          "Patch"
+        ],
+        "url": "https://github.com/MISP/MISP/commit/27cc167c3355ec76292235d7f5f4e0016bfd7699"
+      },
+      {
+        "source": "af854a3a-2127-422b-91ae-364da2661108",
+        "tags": [
+          "Third Party Advisory"
+        ],
+        "url": "https://www.circl.lu/advisory/CVE-2015-5719/"
+      }
+    ],
+    "sourceIdentifier": "cve@mitre.org",
+    "vulnStatus": "Modified",
+    "weaknesses": [
+      {
+        "description": [
+          {
+            "lang": "en",
+            "value": "NVD-CWE-noinfo"
+          }
+        ],
+        "source": "nvd@nist.gov",
+        "type": "Primary"
+      }
+    ]
+  }</pre>
+
+</html>
\ No newline at end of file
diff --git a/vulnerabilities/tests/test_data/misp/misp_expected.json b/vulnerabilities/tests/test_data/misp/misp_expected.json
new file mode 100644
index 000000000..4b5e46818
--- /dev/null
+++ b/vulnerabilities/tests/test_data/misp/misp_expected.json
@@ -0,0 +1,35 @@
+{
+    "aliases": "CVE-2015-5719",
+    "summary": "app/Controller/TemplatesController.php in Malware Information Sharing Platform (MISP) before 2.3.92 does not properly restrict filenames under the tmp/files/ directory, which has unspecified impact and attack vectors.",
+    "affected_packages": [
+        {
+            "package": {
+                "type": "misp",
+                "namespace": "",
+                "name": "MISP",
+                "version": "",
+                "qualifiers": "",
+                "subpath": ""
+            },
+            "affected_version_range": "vers:generic/2.3.92",
+            "fixed_version": null
+        }
+    ],
+    "references": [
+        {
+            "reference_id": "CVE-2015-5719",
+            "reference_type": "",
+            "url": "http://www.securityfocus.com/bid/92740",
+            "severities": [
+                {
+                    "system": "cvssv3",
+                    "value": 9.8,
+                    "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+                }
+            ]
+        }
+    ],
+    "date_published": "2016-09-03T20:59:00.153",
+    "weaknesses": [],
+    "url": "https://cve.circl.lu/vuln/fkie_cve-2015-5719"
+}
\ No newline at end of file
diff --git a/vulnerabilities/tests/test_data/misp/misp_test.html b/vulnerabilities/tests/test_data/misp/misp_test.html
new file mode 100644
index 000000000..c2627e81f
--- /dev/null
+++ b/vulnerabilities/tests/test_data/misp/misp_test.html
@@ -0,0 +1,100 @@
+<html>
+    <h2 id="advisories">Advisories</h2>
+    <ul>
+        <li><a href="https://cve.circl.lu/cve/CVE-2015-5719">CVE-2015-5719</a> &lt;= MISP 2.3.92 - app/Controller/TemplatesController.php in Malware Information Sharing Platform (MISP) before 2.3.92 does not properly restrict filenames under the tmp/files/ directory, which has unspecified impact and attack vectors.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2015-5720">CVE-2015-5720</a> &lt;= MISP 2.3.89 - Multiple cross-site scripting (XSS) vulnerabilities in the template-creation feature in Malware Information Sharing Platform (MISP) before 2.3.90 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) add.ctp, (2) edit.ctp, and (3) ajaxification.js.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2015-5721">CVE-2015-5721</a> &lt;= MISP 2.3.89 - Malware Information Sharing Platform (MISP) before 2.3.90 allows remote attackers to conduct PHP object injection attacks via crafted serialized data, related to TemplatesController.php and populate_event_from_template_attributes.ctp.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2017-7215">CVE-2017-7215</a> &lt;=  MISP 2.4.68 - Cross site scripting in some view elements in the index filter tool in app/webroot/js/misp2.4.68.js and the organisation landing page in app/View/Organisations/ajax/landingpage.ctp of MISP before 2.4.69 allows remote attackers to inject arbitrary web script or HTML.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2017-13671">CVE-2017-13671</a> &lt;= MISP 2.4.79 - app/View/Helper/CommandHelper.php in MISP before 2.4.79 has persistent XSS via comments. It only impacts the users of the same instance because the comment field is not part of the MISP synchronisation.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2017-14337">CVE-2017-14337</a> &lt;= MISP 2.4.79 - When MISP before 2.4.80 is configured with X.509 certificate authentication (CertAuth) in conjunction with a non-MISP external user management ReST API, if an external user provides X.509 certificate authentication and this API returns an empty value, the unauthenticated user can be granted access as an arbitrary user.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2017-15216">CVE-2017-15216</a> &lt;= MISP 2.4.81 - MISP before 2.4.81 has a potential reflected XSS in a quickDelete action that is used to delete a sighting, related to app/View/Sightings/ajax/quickDeleteConfirmationForm.ctp and app/webroot/js/misp.js.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2017-16802">CVE-2017-16802</a> &lt;= MISP 2.4.82 - In the sharingGroupPopulateOrganisations function in app/webroot/js/misp.js in MISP 2.4.82, there is XSS via a crafted organisation name that is manually added.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2017-16946">CVE-2017-16946</a> &lt;= MISP 2.4.82 - The admin_edit function in app/Controller/UsersController.php in MISP 2.4.82 mishandles the enable_password field, which allows admins to discover a hashed password by reading the audit log.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2018-6926">CVE-2018-6926</a> &lt;= MISP 2.4.87 - In app/Controller/ServersController.php in MISP 2.4.87, a server setting permitted the override of a path variable on certain Red Hed Enterprise Linux and CentOS systems (where rh_shell_fix was enabled), and consequently allowed site admins to inject arbitrary OS commands. The impact is limited by the setting being only accessible to the site administrator.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2018-8948">CVE-2018-8948</a> &lt;= MISP 2.4.89 - In MISP before 2.4.89, app/View/Events/resolved_attributes.ctp has multiple XSS issues via a malicious MISP module.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2018-8949">CVE-2018-8949</a> &lt;= MISP 2.4.89 - An issue was discovered in app/Model/Attribute.php in MISP before 2.4.89. There is a critical API integrity bug, potentially allowing users to delete attributes of other events. A crafted edit for an event (without attribute UUIDs but attribute IDs set) could overwrite an existing attribute.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2018-11245">CVE-2018-11245</a> &lt;= MISP 2.4.91 - app/webroot/js/misp.js in MISP 2.4.91 has a DOM based XSS with cortex type attributes.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2018-11562">CVE-2018-11562</a> &lt;= MISP 2.4.91 - An issue was discovered in MISP 2.4.91. A vulnerability in app/View/Elements/eventattribute.ctp allows reflected XSS if a user clicks on a malicious link for an event view and then clicks on the deleted attributes quick filter.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2018-12649">CVE-2018-12649</a> &lt;= MISP 2.4.92 - An issue was discovered in app/Controller/UsersController.php in MISP 2.4.92. An adversary can bypass the brute-force protection by using a PUT HTTP method instead of a POST HTTP method in the login part, because this protection was only covering POST requests.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2018-19908">CVE-2018-19908</a> &lt;= MISP 2.4.98 - An issue was discovered in MISP 2.4.9x before 2.4.99. In app/Model/Event.php (the STIX 1 import code), an unescaped filename string is used to construct a shell command. This vulnerability can be abused by a malicious authenticated user to execute arbitrary commands by tweaking the original filename of the STIX import.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2019-9482">CVE-2019-9482</a> &lt;= MISP 2.4.102 - In MISP 2.4.102, an authenticated user can view sightings that they should not be eligible for. Exploiting this requires access to the event that has received the sighting. The issue affects instances with restrictive sighting settings (event only / sighting reported only).</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2019-10254">CVE-2019-10254</a> &lt;= MISP 2.4.105 - In MISP before 2.4.105, the app/View/Layouts/default.ctp default layout template has a Reflected XSS vulnerability.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2019-11812">CVE-2019-11812</a> &lt;= MISP 2.4.107 - A persistent XSS issue was discovered in app/View/Helper/CommandHelper.php in MISP before 2.4.107. JavaScript can be included in the discussion interface, and can be triggered by clicking on the link.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2019-11813">CVE-2019-11813</a> &lt;= MISP 2.4.107 - An issue was discovered in app/View/Elements/Events/View/value_field.ctp in MISP before 2.4.107. There is persistent XSS via link type attributes with javascript:// links.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2019-11814">CVE-2019-11814</a> &lt;= MISP 2.4.107 - An issue was discovered in app/webroot/js/misp.js in MISP before 2.4.107. There is persistent XSS via image names in titles, as demonstrated by a screenshot.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2019-12794">CVE-2019-12794</a> &lt;= MISP 2.4.108 - An issue was discovered in MISP 2.4.108. Organization admins could reset credentials for site admins (organization admins have the inherent ability to reset passwords for all of their organization’s users).</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2019-12868">CVE-2019-12868</a> &lt;= MISP 2.4.109 - app/Model/Server.php in MISP 2.4.109 allows remote command execution by a super administrator because the PHP file_exists function is used with user-controlled entries, and phar:// URLs trigger deserialization.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2019-14286">CVE-2019-14286</a> &lt;= MISP 2.4.111 - In app/webroot/js/event-graph.js in MISP 2.4.111, a stored XSS vulnerability exists in the event-graph view when a user toggles the event graph view. A malicious MISP event must be crafted in order to trigger the vulnerability.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2019-16202">CVE-2019-16202</a> &lt;= MISP 2.4.114 - MISP before 2.4.115 allows privilege escalation in certain situations. After updating to 2.4.115, escalation attempts are blocked by the checkLoggedActions function with a “This could be an indication of an attempted privilege escalation on older vulnerable versions of MISP (&lt;2.4.115)” message.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2019-19379">CVE-2019-19379</a> &lt;= MISP 2.4.118 - MISP before 2.4.119 In app/Controller/TagsController.php in MISP 2.4.118, users can bypass intended restrictions on tagging data.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2020-8890">CVE-2020-8890</a> &lt;= MISP 2.4.120 - An issue was discovered in MISP before 2.4.121. It mishandled time skew (between the machine hosting the web server and the machine hosting the database) when trying to block a brute-force series of invalid requests.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2020-8891">CVE-2020-8891</a> &lt;= MISP 2.4.120 - An issue was discovered in MISP before 2.4.121. It did not canonicalize usernames when trying to block a brute-force series of invalid requests.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2020-8892">CVE-2020-8892</a> &lt;= MISP 2.4.120 - An issue was discovered in MISP before 2.4.121. It did not consider the HTTP PUT method when trying to block a brute-force series of invalid requests.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2020-8893">CVE-2020-8893</a> &lt;= MISP 2.4.120 - An issue was discovered in MISP before 2.4.121. The Galaxy view contained an incorrectly sanitized search string in app/View/Galaxies/view.ctp.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2020-8894">CVE-2020-8894</a> &lt;= MISP 2.4.120 - An issue was discovered in MISP before 2.4.121. ACLs for discussion threads were mishandled in app/Controller/ThreadsController.php and app/Model/Thread.php.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2020-10246">CVE-2020-10246</a> &lt;= MISP 2.4.122 - Reflected XSS via unsanitized URL parameters. This is related to app/View/Users/statistics_orgs.ctp.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2020-10247">CVE-2020-10247</a> &lt;= MISP 2.4.122 - Persistent XSS in the sighting popover tool. This is related to app/View/Elements/Events/View/sighting_field.ctp.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2020-13153">CVE-2020-13153</a> &lt;= MISP 2.4.125 - app/View/Events/resolved_attributes.ctp in MISP before 2.4.126 has XSS in the resolved attributes view.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2020-14969">CVE-2020-14969</a> &lt;= MISP 2.4.128 - app/Model/Attribute.php in MISP 2.4.127 lacks an ACL lookup on attribute correlations. This occurs when querying the attribute restsearch API, revealing metadata about a correlating but unreachable attribute.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2020-15411">CVE-2020-15411</a> &lt;= MISP 2.4.128 - An issue was discovered in MISP 2.4.128. app/Controller/AttributesController.php has insufficient ACL checks in the attachment downloader.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2020-15412">CVE-2020-15412</a> &lt;= MISP 2.4.128 - An issue was discovered in MISP 2.4.128. app/Controller/EventsController.php lacks an event ACL check before proceeding to allow a user to send an event contact form.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2020-25766">CVE-2020-25766</a> &lt;= MISP 2.4.131 - An issue was discovered in MISP before 2.4.132. It can perform an unwanted action because of a POST operation on a form that is not linked to the login page.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2020-28043">CVE-2020-28043</a> &lt;= MISP 2.4.133 - MISP through 2.4.133 allows SSRF in the REST client via the use_full_path parameter with an arbitrary URL.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2020-28947">CVE-2020-28947</a> &lt;= MISP 2.4.134 - In MISP 2.4.134, XSS exists in the template element index view because the id parameter is mishandled.</li>
+        <li><a href="https://cve.circl.lu/cve/CVE-2020-29572">CVE-2020-29572</a> =&lt; MISP 2.4.135 - app/View/Elements/genericElements/SingleViews/Fields/genericField.ctp in MISP 2.4.135 has XSS via the authkey comment field.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2021-25324">CVE-2021-25324</a> &lt;= MISP 2.4.136 - Stored XSS in the galaxy cluster view via a cluster name to app/View/GalaxyClusters/view.ctp.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2021-25325">CVE-2021-25325</a> &lt;= MISP 2.4.136 - XSS via galaxy cluster element values to app/View/GalaxyElements/ajax/index.ctp. Reference types could contain javascript: URLs.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2021-25323">CVE-2021-25323</a> &lt;= MISP 2.4.136 - The default setting of MISP 2.4.136 did not enable the requirements (aka require_password_confirmation) to provide the previous password when changing a password.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2021-3184">CVE-2021-3184</a> &lt;= MISP 2.4.136 - XSS via a crafted URL to the app/View/Elements/global_menu.ctp user homepage favourite button.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2021-27904">CVE-2021-27904</a> &lt;= MISP 2.4.139 - An issue was discovered in app/Model/SharingGroupServer.php in MISP 2.4.139. In the implementation of Sharing Groups, the “all org” flag sometimes provided view access to unintended actors.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2021-31780">CVE-2021-31780</a> &lt;= MISP 2.4.141 - an incorrect sharing group association could lead to information disclosure on an event edit. When an object has a sharing group associated with an event edit, the sharing group object is ignored and instead the passed local ID is reused.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2021-35502">CVE-2021-35502</a> &lt;= MISP 2.4.144 - app/View/Elements/genericElements/IndexTable/Fields/generic_field.ctp in MISP 2.4.144 does not sanitize certain data related to generic-template:index.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2021-36212">CVE-2021-36212</a> &lt;= MISP 2.4.145 - app/View/SharingGroups/view.ctp in MISP 2.4.145 does not sanitize the sharing group name.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2021-37534">CVE-2021-37534</a> &lt;= MISP 2.4.146 - app/View/GalaxyClusters/add.ctp in MISP 2.4.146 allows Stored XSS when forking a galaxy cluster.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2021-37742">CVE-2021-37742</a> &lt;= MISP 2.4.147 - app/View/Elements/GalaxyClusters/view_relation_tree.ctp in MISP 2.4.147 allows Stored XSS when viewing galaxy cluster relationships.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2021-37743">CVE-2021-37743</a> &lt;= MISP 2.4.147 - app/View/GalaxyElements/ajax/index.ctp in MISP 2.4.147 allows Stored XSS when viewing galaxy cluster elements in JSON format.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2021-39302">CVE-2021-39302</a> &lt;= MISP 2.4.148 - MISP in certain configurations, when used with PostgreSQL (which is not a default configuration), allows SQL injection via the app/Model/Log.php $conditions[‘org’] value.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2021-41326">CVE-2021-41326</a> &lt; MISP 2.4.148 - app/Lib/Export/OpendataExport.php mishandles parameter data that is used in a shell_exec call.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2022-27245">CVE-2022-27245</a> &lt;= MISP 2.4.155 - An issue was discovered in MISP before 2.4.156. app/Model/Server.php does not restrict generateServerSettings to the CLI. This could lead to SSRF.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2022-27243">CVE-2022-27243</a> &lt;= MISP 2.4.155 - An issue was discovered in MISP before 2.4.156. app/View/Users/terms.ctp allows Local File Inclusion via the custom terms file setting.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2022-27246">CVE-2022-27246</a> &lt;= MISP 2.4.155 - An issue was discovered in MISP before 2.4.156. An SVG org logo (which may contain JavaScript) is not forbidden by default.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2022-27244">CVE-2022-27244</a> &lt;= MISP 2.4.155 - An issue was discovered in MISP before 2.4.156. A malicious site administrator could store an XSS payload in the custom auth name. This would be executed each time the administrator modifies a user.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2022-29530">CVE-2022-29530</a> &lt; MISP 2.4.158 - There is stored XSS in the galaxy clusters.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2022-29534">CVE-2022-29534</a> &lt; MISP 2.4.158 - In UsersController.php, password confirmation can be bypassed via vectors involving an “Accept: application/json” header.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2022-29529">CVE-2022-29529</a> &lt; MISP 2.4.158 - There is stored XSS via the LinOTP login field.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2022-29533">CVE-2022-29533</a> &lt; MISP 2.4.158 - There is XSS in app/Controller/OrganisationsController.php in a situation with a “weird single checkbox page.”</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2022-29528">CVE-2022-29528</a> &lt; MISP 2.4.158 - PHAR deserialization can occur.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2022-29531">CVE-2022-29531</a> &lt; MISP 2.4.158 - There is stored XSS in the event graph via a tag name.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2022-42724">CVE-2022-42724</a> &lt; MISP 2.4.163 - allows attackers to discover role names (this is information that only the site admin should have).</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2022-47928">CVE-2022-47928</a> &lt; MISP 2.4.167 - XSS in the template file uploads in app/View/Templates/upload_file.ctp.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2023-24070">CVE-2023-24070</a> &lt; MISP 2.4.168 - app/View/AuthKeys/authkey_display.ctp in MISP through 2.4.167 has an XSS in authkey add via a Referer field.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2023-24026">CVE-2023-24026</a> &lt; MISP 2.4.168 - In app/webroot/js/event-graph.js has an XSS vulnerability via an event-graph preview payload.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2023-24027">CVE-2023-24027</a> &lt; MISP 2.4.168 - In app/webroot/js/action_table.js allows XSS via a network history name.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2023-24028">CVE-2023-24028</a> &lt; MISP 2.4.168 - In app/Controller/Component/ACLComponent.php has incorrect access control for the decaying import function.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2022-48328">CVE-2022-48328</a> &lt; MISP 2.4.167 - app/Controller/Component/IndexFilterComponent.php in MISP before 2.4.167 mishandles ordered_url_params and additional_delimiters.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2022-48329">CVE-2022-48329</a> &lt; MISP 2.4.166 -  MISP before 2.4.166 unsafely allows users to use the order parameter, related to app/Model/Attribute.php, app/Model/GalaxyCluster.php, app/Model/Workflow.php, and app/Plugin/Assets/models/behaviors/LogableBehavior.php.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2023-28606">CVE-2023-28606</a> &lt; MISP 2.4.169 - js/event-graph.js in MISP before 2.4.169 allows XSS via event-graph node tooltips.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2023-28607">CVE-2023-28607</a> &lt; MISP 2.4.169 - js/event-graph.js in MISP before 2.4.169 allows XSS via the event-graph relationship tooltip.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2023-28884">CVE-2023-28884</a> &lt; MISP 2.4.170 - app/Lib/Tools/CustomPaginationTool.php allows XSS in the community index.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2023-37306">CVE-2023-37306</a> &lt; MISP 2.4.173 - MISP 2.4.172 mishandles different certificate file extensions in server sync. An attacker can obtain sensitive information because of the nature of the error messages.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2023-40224">CVE-2023-40224</a> &lt;= MISP 2.4.174 - allows XSS in app/View/Events/index.ctp. (reported by BeDisruptive OSS Team)</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2023-41098">CVE-2023-41098</a> &lt;= MISP 2.4.174 - In app/Controller/DashboardsController.php, a reflected XSS issue exists via the id parameter upon a dashboard edit.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2023-48656">CVE-2023-48656</a> &lt; MISP 2.4.176 - An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles order clauses.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2023-48655">CVE-2023-48655</a> &lt; MISP 2.4.176 - An issue was discovered in MISP before 2.4.176. app/Controller/Component/IndexFilterComponent.php does not properly filter out query parameters.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2023-48657">CVE-2023-48657</a> &lt; MISP 2.4.176 - An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles filters.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2023-48659">CVE-2023-48659</a> &lt; MISP 2.4.176 - An issue was discovered in MISP before 2.4.176. app/Controller/AppController.php mishandles parameter parsing.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2023-48658">CVE-2023-48658</a> &lt; MISP 2.4.176 - An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php lacks a checkParam function for alphanumerics, underscore, dash, period, and space.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2023-49926">CVE-2023-49926</a> &lt; MISP 2.4.179 - app/Lib/Tools/EventTimelineTool.php in MISP before 2.4.179 allows XSS in the event timeline widget.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2023-50918">CVE-2023-50918</a> &lt; MISP 2.4.182 - app/Controller/AuditLogsController.php in MISP before 2.4.182 mishandles ACLs for new audit log features (not enabled by default).</li>
+        <li><a href="https://vulnerability.circl.lu/vuln/CVE-2024-25675">CVE-2024-25675</a> &lt; MISP 2.4.184 - An issue was discovered in MISP before 2.4.184. A client does not need to use POST to start an export generation process. This is related to app/Controller/JobsController.php and app/View/Events/export.ctp.</li>
+        <li><a href="https://vulnerability.circl.lu/vuln/CVE-2024-25674">CVE-2024-25674</a> &lt; MISP 2.4.184 - An issue was discovered in MISP before 2.4.184. Organisation logo upload is insecure because of a lack of checks for the file extension and MIME type.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2024-29859">CVE-2024-29859</a> &lt; MISP 2.4.187 - <code>add_misp_export</code> in app/Controller/EventsController.php does not properly check for a valid file upload.</li>
+        <li><a href="https://cvepremium.circl.lu/cve/CVE-2024-29858">CVE-2024-29858</a> &lt; MISP 2.4.187 - <code>__uploadLogo</code> in app/Controller/OrganisationsController.php does not properly check for a valid logo upload.</li>
+        <li>CVE-2024-33855 &lt; MISP 2.4.191 - <a href="https://github.com/MISP/MISP/commit/597977694dae9c6ad93f0cbdf8be48ef87ba7f39">A malicious user could send a highly correlating value with an XSS payload to reach the top list of the correlation. The page is only accessible to site admin user.</a></li>
+        <li><a href="https://vulnerability.circl.lu/vuln/cve-2024-45509">CVE-2024-45509</a> &lt; MISP 2.4.197 - In MISP through 2.4.196, app/Controller/BookmarksController.php does not properly restrict access to bookmarks data in the case where the user is not an org admin.</li>
+        <li><a href="https://vulnerability.circl.lu/cve/CVE-2024-57969">CVE-2024-57969</a> &lt; MISP 2.4.198 - app/Model/Attribute.php in MISP before 2.4.198 ignores an ACL during a GUI attribute search.</li>
+        <li><a href="https://vulnerability.circl.lu/vuln/cve-2024-46918">CVE-2024-46918</a> &lt; MISP 2.4.198 - app/Controller/UserLoginProfilesController.php in MISP before 2.4.198 does not prevent an org admin from viewing sensitive login fields of another org admin in the same org.</li>
+        <li><a href="https://vulnerability.circl.lu/cve/CVE-2024-54674">CVE-2024-54674</a> &lt;= MISP 2.4.200 and &lt;= 2.5.2 - app/View/GalaxyClusters/cluster_export_misp_galaxy.ctp in MISP through 2.5.2 has stored XSS when exporting custom clusters into the misp-galaxy format.</li>
+        <li><a href="https://vulnerability.circl.lu/cve/CVE-2024-54675">CVE-2024-54675</a> &lt;= MISP 2.4.200 and &lt;= 2.5.2 - app/webroot/js/workflows-editor/workflows-editor.js in MISP through 2.5.2 has stored XSS in the editor interface for an ad-hoc workflow.</li>
+    </ul>
+</html>
\ No newline at end of file